Hello All,
Basically, the gist of this is that I set up an SFR Module on our ASA in our DR location (across the WAN from our HQ) and a Firepower Management Center in our HQ. When attempting to add the SFR module to the FMC, it fails. After opening a ticket with the TAC security team, he came to the conclusion there is a networking issue, based on the ping command results below.
I am able to ping each device from the other when using the normal ping command with the default byte size. But when attempting to ping with a byte size any bigger than about 300, packet loss occurs. I get similar results if I run the extended ping command from the 4507 that the ASA is attached to.
Pings from SFR Module:
admin@ASASFR3:~$ sudo ping -M do -c 20 -s 1470 192.168.2.20
Last login: Fri Dec 14 16:50:35 UTC 2018 on pts/0
PING 192.168.2.20 (192.168.2.20) 1470(1498) bytes of data.
--- 192.168.2.20 ping statistics ---
20 packets transmitted, 0 received, 100% packet loss, time 18999ms
admin@ASASFR3:~$
admin@ASASFR3:~$
admin@ASASFR3:~$ sudo ping -M do -c 20 -s 1000 192.168.2.20
Last login: Fri Dec 14 21:27:21 UTC 2018 on pts/0
PING 192.168.2.20 (192.168.2.20) 1000(1028) bytes of data.
^C
--- 192.168.2.20 ping statistics ---
7 packets transmitted, 0 received, 100% packet loss, time 5999ms
admin@ASASFR3:~$
admin@ASASFR3:~$
admin@ASASFR3:~$ sudo ping -M do -c 5 -s 600 192.168.2.20
Last login: Fri Dec 14 22:05:12 UTC 2018 on pts/0
PING 192.168.2.20 (192.168.2.20) 600(628) bytes of data.
608 bytes from 192.168.2.20: icmp_req=1 ttl=59 time=28.1 ms
--- 192.168.2.20 ping statistics ---
5 packets transmitted, 1 received, 80% packet loss, time 4001ms
rtt min/avg/max/mdev = 28.139/28.139/28.139/0.000 ms
admin@JWP-ASASFR3:~$
admin@JWP-ASASFR3:~$ sudo ping -M do -c 5 -s 300 192.168.2.20
Last login: Fri Dec 14 22:04:56 UTC 2018 on pts/0
PING 192.168.2.20 (192.168.2.20) 300(328) bytes of data.
308 bytes from 192.168.2.20: icmp_req=1 ttl=59 time=27.8 ms
308 bytes from 192.168.2.20: icmp_req=2 ttl=59 time=1744 ms
308 bytes from 192.168.2.20: icmp_req=3 ttl=59 time=3461 ms
--- 192.168.2.20 ping statistics ---
5 packets transmitted, 3 received, 40% packet loss, time 4000ms
rtt min/avg/max/mdev = 27.808/1744.395/3461.300/1401.717 ms, pipe 3
admin@ASASFR3:~$
admin@ASASFR3:~$ sudo ping -M do -c 5 -s 200 192.168.2.20
Last login: Fri Dec 14 22:04:45 UTC 2018 on pts/0
PING 192.168.2.20 (192.168.2.20) 200(228) bytes of data.
208 bytes from 192.168.2.20: icmp_req=1 ttl=59 time=27.5 ms
208 bytes from 192.168.2.20: icmp_req=2 ttl=59 time=909 ms
208 bytes from 192.168.2.20: icmp_req=3 ttl=59 time=1793 ms
208 bytes from 192.168.2.20: icmp_req=4 ttl=59 time=2677 ms
208 bytes from 192.168.2.20: icmp_req=5 ttl=59 time=3561 ms
--- 192.168.2.20 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 27.511/1793.858/3561.336/1249.562 ms, pipe 2
admin@ASASFR3:~$
I know this might be a tough question. But how can I figure out where the issue is occurring with this? In our HQ location where the FMC is attached is a 4510. The MPLS link between DR and HQ locations is 100MB bandwidth, and looking at the graphs from the ISP, it doesn't appear that we are using the full pipe.
Any help would be greatly appreciated.
Thanks in Advance,
Matt
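
Added example, not part of the original post: a small shell helper that tabulates `ping -M do` runs like the ones above by payload size, so the same sweep can be repeated from each hop and compared. The function names, the `--sweep` argument and the second sample run are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: tabulate DF-bit ping runs by payload size.
# Live use (hypothetical invocation): sh <this file> --sweep <target> <size>...

# Read iputils ping output on stdin; print one line per run:
#   <payload_bytes> <sent> <received> <loss_pct> <pmtu_error yes|no>
summarize_ping() {
  awk '
    /^PING / {                                  # new run: find the "600(628)" field
      pmtu = "no"
      for (i = 1; i <= NF; i++)
        if ($i ~ /^[0-9]+\([0-9]+\)$/) { size = $i; sub(/\(.*/, "", size) }
    }
    /Frag needed|[Mm]essage too long/ { pmtu = "yes" }   # explicit path-MTU signal
    /packets transmitted/ {
      for (i = 1; i <= NF; i++)
        if ($i ~ /^[0-9.]+%$/) { loss = $i; sub(/%/, "", loss) }
      print size, $1, $4, loss, pmtu
    }'
}

# Repeat the test from the post (-M do sets DF) for each payload size given.
sweep() {
  target=$1; shift
  for s in "$@"; do
    ping -M do -c 5 -s "$s" "$target" 2>&1
  done | summarize_ping
}

# Constructed sample input (the second run is invented to show a PMTU error).
sample() {
  cat <<'EOF'
PING 192.168.2.20 (192.168.2.20) 600(628) bytes of data.
608 bytes from 192.168.2.20: icmp_req=1 ttl=59 time=28.1 ms
--- 192.168.2.20 ping statistics ---
5 packets transmitted, 1 received, 80% packet loss, time 4001ms
PING 10.0.0.1 (10.0.0.1) 1472(1500) bytes of data.
From 10.0.0.254 icmp_seq=1 Frag needed and DF set (mtu = 1400)
--- 10.0.0.1 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1001ms
EOF
}

if [ "${1:-}" = "--sweep" ]; then shift; sweep "$@"; else sample | summarize_ping; fi
```

The last column separates runs where a device reported an MTU limit from runs where packets were lost without any ICMP error.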